mirror of
https://github.com/rspamd/rspamd.git
synced 2024-07-31 20:21:26 +02:00
339 lines
12 KiB
Diff
339 lines
12 KiB
Diff
diff -ru exim-4.70.orig/src/expand.c exim-4.70/src/expand.c
|
|
--- exim-4.70.orig/src/expand.c 2016-04-09 13:42:00.227625074 +0200
|
|
+++ exim-4.70/src/expand.c 2016-04-09 13:42:37.183633096 +0200
|
|
@@ -578,6 +578,7 @@
|
|
{ "sn8", vtype_filter_int, &filter_sn[8] },
|
|
{ "sn9", vtype_filter_int, &filter_sn[9] },
|
|
#ifdef WITH_CONTENT_SCAN
|
|
+ { "spam_action", vtype_stringptr, &spam_action },
|
|
{ "spam_bar", vtype_stringptr, &spam_bar },
|
|
{ "spam_report", vtype_stringptr, &spam_report },
|
|
{ "spam_score", vtype_stringptr, &spam_score },
|
|
diff -ru exim-4.70.orig/src/globals.c exim-4.70/src/globals.c
|
|
--- exim-4.70.orig/src/globals.c 2016-04-09 13:42:00.219625073 +0200
|
|
+++ exim-4.70/src/globals.c 2016-04-09 13:42:37.187633096 +0200
|
|
@@ -1136,6 +1136,7 @@
|
|
uschar *spamd_address = US"127.0.0.1 783";
|
|
uschar *spam_bar = NULL;
|
|
uschar *spam_report = NULL;
|
|
+uschar *spam_action = NULL;
|
|
uschar *spam_score = NULL;
|
|
uschar *spam_score_int = NULL;
|
|
#endif
|
|
diff -ru exim-4.70.orig/src/globals.h exim-4.70/src/globals.h
|
|
--- exim-4.70.orig/src/globals.h 2016-04-09 13:42:00.219625073 +0200
|
|
+++ exim-4.70/src/globals.h 2016-04-09 13:42:37.187633096 +0200
|
|
@@ -703,6 +703,7 @@
|
|
extern uschar *spamd_address; /* address for the spamassassin daemon */
|
|
extern uschar *spam_bar; /* the spam "bar" (textual representation of spam_score) */
|
|
extern uschar *spam_report; /* the spamd report (multiline) */
|
|
+extern uschar *spam_action; /* the spamd action */
|
|
extern uschar *spam_score; /* the spam score (float) */
|
|
extern uschar *spam_score_int; /* spam_score * 10 (int) */
|
|
#endif
|
|
diff -ru exim-4.70.orig/src/spam.c exim-4.70/src/spam.c
|
|
--- exim-4.70.orig/src/spam.c 2016-04-09 13:42:00.231625075 +0200
|
|
+++ exim-4.70/src/spam.c 2016-04-09 13:43:43.927647677 +0200
|
|
@@ -16,6 +16,7 @@
|
|
uschar spam_score_buffer[16];
|
|
uschar spam_score_int_buffer[16];
|
|
uschar spam_bar_buffer[128];
|
|
+uschar spam_action_buffer[32];
|
|
uschar spam_report_buffer[32600];
|
|
uschar prev_user_name[128] = "";
|
|
int spam_ok = 0;
|
|
@@ -31,9 +32,11 @@
|
|
int spamd_sock;
|
|
uschar spamd_buffer[32600];
|
|
int i, j, offset, result;
|
|
+ BOOL is_rspamd;
|
|
uschar spamd_version[8];
|
|
+ uschar spamd_short_result[8];
|
|
uschar spamd_score_char;
|
|
- double spamd_threshold, spamd_score;
|
|
+ double spamd_threshold, spamd_score, spamd_reject_score;
|
|
int spamd_report_offset;
|
|
uschar *p,*q;
|
|
int override = 0;
|
|
@@ -122,8 +125,15 @@
|
|
spamd_address_container *this_spamd =
|
|
(spamd_address_container *)store_get(sizeof(spamd_address_container));
|
|
|
|
+ /* Check for spamd variant */
|
|
+ if( Ustrstr(address, "variant=rspamd") != NULL ) {
|
|
+ this_spamd->is_rspamd = TRUE;
|
|
+ }
|
|
+ else {
|
|
+ this_spamd->is_rspamd = FALSE;
|
|
+ }
|
|
/* grok spamd address and port */
|
|
- if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) {
|
|
+ if( sscanf(CS address, "%23s %hu", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) {
|
|
log_write(0, LOG_MAIN,
|
|
"spam acl condition: warning - invalid spamd address: '%s'", address);
|
|
continue;
|
|
@@ -165,6 +175,7 @@
|
|
spamd_address_vector[current_server]->tcp_port,
|
|
5 ) > -1) {
|
|
/* connection OK */
|
|
+ is_rspamd = spamd_address_vector[current_server]->is_rspamd;
|
|
break;
|
|
};
|
|
|
|
@@ -197,12 +208,28 @@
|
|
}
|
|
|
|
server.sun_family = AF_UNIX;
|
|
- Ustrcpy(server.sun_path, spamd_address_work);
|
|
+ p = Ustrstr(spamd_address_work, "variant=rspamd");
|
|
+ if( p != NULL ) {
|
|
+ is_rspamd = TRUE;
|
|
+ /* strip spaces */
|
|
+ p --;
|
|
+ while (p > spamd_address_work && isspace (*p)) {
|
|
+ p --;
|
|
+ }
|
|
+ Ustrncpy(server.sun_path, spamd_address_work, p - spamd_address_work + 1);
|
|
+ /* zero terminate */
|
|
+ server.sun_path[p - spamd_address_work + 1] = 0;
|
|
+ }
|
|
+ else {
|
|
+ is_rspamd = FALSE;
|
|
+ Ustrcpy(server.sun_path, spamd_address_work);
|
|
+ }
|
|
+
|
|
|
|
if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) {
|
|
log_write(0, LOG_MAIN|LOG_PANIC,
|
|
"malware acl condition: spamd: unable to connect to UNIX socket %s (%s)",
|
|
- spamd_address_work, strerror(errno) );
|
|
+ server.sun_path, strerror(errno) );
|
|
(void)fclose(mbox_file);
|
|
(void)close(spamd_sock);
|
|
return DEFER;
|
|
@@ -210,22 +237,50 @@
|
|
|
|
}
|
|
|
|
+ (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK);
|
|
/* now we are connected to spamd on spamd_sock */
|
|
- (void)string_format(spamd_buffer,
|
|
- sizeof(spamd_buffer),
|
|
- "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
|
|
- user_name,
|
|
- mbox_size);
|
|
-
|
|
- /* send our request */
|
|
- if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) {
|
|
+ if (is_rspamd) {
|
|
+ /* rspamd variant */
|
|
+ const char *helo;
|
|
+ const char *fcrdns;
|
|
+ const char *authid;
|
|
+ uschar *req_str;
|
|
+
|
|
+ req_str = string_sprintf("CHECK RSPAMC/1.3\r\nContent-length: %lu\r\n"
|
|
+ "Queue-Id: %s\r\nFrom: <%s>\r\nRecipient-Number: %d\r\n", mbox_size,
|
|
+ message_id, sender_address, recipients_count);
|
|
+ for (i = 0; i < recipients_count; i ++)
|
|
+ req_str = string_sprintf("%sRcpt: <%s>\r\n", req_str, recipients_list[i].address);
|
|
+ if ((helo = expand_string(US"$sender_helo_name")) != NULL && *helo != '\0')
|
|
+ req_str = string_sprintf("%sHelo: %s\r\n", req_str, helo);
|
|
+ if ((fcrdns = expand_string(US"$sender_host_name")) != NULL && *fcrdns != '\0')
|
|
+ req_str = string_sprintf("%sHostname: %s\r\n", req_str, fcrdns);
|
|
+ if (sender_host_address != NULL)
|
|
+ req_str = string_sprintf("%sIP: %s\r\n", req_str, sender_host_address);
|
|
+ if ((authid = expand_string(US"$authenticated_id")) != NULL && *authid != '\0')
|
|
+ req_str = string_sprintf("%sUser: %s\r\n", req_str, authid);
|
|
+ req_str = string_sprintf("%s\r\n", req_str);
|
|
+ wrote = send(spamd_sock, req_str, Ustrlen(req_str), 0);
|
|
+ }
|
|
+ else {
|
|
+ /* spamassassin variant */
|
|
+ (void)string_format(spamd_buffer,
|
|
+ sizeof(spamd_buffer),
|
|
+ "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
|
|
+ user_name,
|
|
+ mbox_size);
|
|
+ /* send our request */
|
|
+ wrote = send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0);
|
|
+ }
|
|
+ if(wrote == -1)
|
|
+ {
|
|
(void)close(spamd_sock);
|
|
log_write(0, LOG_MAIN|LOG_PANIC,
|
|
- "spam acl condition: spamd send failed: %s", strerror(errno));
|
|
+ "spam acl condition: spamd send failed: %s", strerror(errno));
|
|
(void)fclose(mbox_file);
|
|
(void)close(spamd_sock);
|
|
return DEFER;
|
|
- };
|
|
+ }
|
|
|
|
/* now send the file */
|
|
/* spamd sometimes accepts connections but doesn't read data off
|
|
@@ -304,7 +359,9 @@
|
|
(void)fclose(mbox_file);
|
|
|
|
/* we're done sending, close socket for writing */
|
|
- shutdown(spamd_sock,SHUT_WR);
|
|
+ if (!is_rspamd) {
|
|
+ shutdown(spamd_sock,SHUT_WR);
|
|
+ }
|
|
|
|
/* read spamd response using what's left of the timeout.
|
|
*/
|
|
@@ -328,60 +385,93 @@
|
|
/* reading done */
|
|
(void)close(spamd_sock);
|
|
|
|
- /* dig in the spamd output and put the report in a multiline header, if requested */
|
|
- if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
|
|
- spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
|
|
-
|
|
- /* try to fall back to pre-2.50 spamd output */
|
|
- if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
|
|
- spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
|
|
+ if (!is_rspamd) {
|
|
+ /* dig in the spamd output and put the report in a multiline header, if requested */
|
|
+ if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
|
|
+ spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
|
|
+
|
|
+ /* try to fall back to pre-2.50 spamd output */
|
|
+ if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
|
|
+ spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
|
|
+ log_write(0, LOG_MAIN|LOG_PANIC,
|
|
+ "spam acl condition: cannot parse spamd output");
|
|
+ return DEFER;
|
|
+ };
|
|
+ };
|
|
+
|
|
+ if( spamd_score >= spamd_threshold ) {
|
|
+ Ustrcpy(spam_action_buffer, "reject");
|
|
+ }
|
|
+ else {
|
|
+ Ustrcpy(spam_action_buffer, "no action");
|
|
+ }
|
|
+ }
|
|
+ else {
|
|
+ /* rspamd variant of reply */
|
|
+ int r;
|
|
+ if( (r = sscanf(CS spamd_buffer,"RSPAMD/%7s 0 EX_OK\r\nMetric: default; %7s %lf / %lf / %lf\r\n%n",
|
|
+ spamd_version,spamd_short_result,&spamd_score,&spamd_threshold,&spamd_reject_score,&spamd_report_offset)) != 5 ) {
|
|
log_write(0, LOG_MAIN|LOG_PANIC,
|
|
- "spam acl condition: cannot parse spamd output");
|
|
+ "spam acl condition: cannot parse spamd output: %d", r);
|
|
return DEFER;
|
|
};
|
|
- };
|
|
+ /* now parse action */
|
|
+ p = &spamd_buffer[spamd_report_offset];
|
|
+
|
|
+ if( Ustrncmp(p, "Action: ", sizeof("Action: ") - 1) == 0 ) {
|
|
+ p += sizeof("Action: ") - 1;
|
|
+ q = &spam_action_buffer[0];
|
|
+ while (*p && *p != '\r' && (q - spam_action_buffer) < sizeof(spam_action_buffer) - 1) {
|
|
+ *q++ = *p++;
|
|
+ }
|
|
+ *q = '\0';
|
|
+ }
|
|
+ }
|
|
|
|
/* Create report. Since this is a multiline string,
|
|
we must hack it into shape first */
|
|
p = &spamd_buffer[spamd_report_offset];
|
|
q = spam_report_buffer;
|
|
while (*p != '\0') {
|
|
- /* skip \r */
|
|
- if (*p == '\r') {
|
|
- p++;
|
|
- continue;
|
|
- };
|
|
- *q = *p;
|
|
- q++;
|
|
- if (*p == '\n') {
|
|
- /* add an extra space after the newline to ensure
|
|
- that it is treated as a header continuation line */
|
|
- *q = ' ';
|
|
- q++;
|
|
- };
|
|
- p++;
|
|
+ /* skip \r */
|
|
+ if (*p == '\r') {
|
|
+ p++;
|
|
+ continue;
|
|
+ };
|
|
+ *q = *p;
|
|
+ q++;
|
|
+ if (*p == '\n') {
|
|
+ /* add an extra space after the newline to ensure
|
|
+ that it is treated as a header continuation line */
|
|
+ *q = ' ';
|
|
+ q++;
|
|
+ };
|
|
+ p++;
|
|
};
|
|
/* NULL-terminate */
|
|
*q = '\0';
|
|
q--;
|
|
/* cut off trailing leftovers */
|
|
while (*q <= ' ') {
|
|
- *q = '\0';
|
|
- q--;
|
|
+ *q = '\0';
|
|
+ q--;
|
|
};
|
|
+
|
|
+ /* common spamd actions */
|
|
spam_report = spam_report_buffer;
|
|
+ spam_action = spam_action_buffer;
|
|
|
|
/* create spam bar */
|
|
spamd_score_char = spamd_score > 0 ? '+' : '-';
|
|
j = abs((int)(spamd_score));
|
|
i = 0;
|
|
if( j != 0 ) {
|
|
- while((i < j) && (i <= MAX_SPAM_BAR_CHARS))
|
|
- spam_bar_buffer[i++] = spamd_score_char;
|
|
+ while((i < j) && (i <= MAX_SPAM_BAR_CHARS))
|
|
+ spam_bar_buffer[i++] = spamd_score_char;
|
|
}
|
|
else{
|
|
- spam_bar_buffer[0] = '/';
|
|
- i = 1;
|
|
+ spam_bar_buffer[0] = '/';
|
|
+ i = 1;
|
|
}
|
|
spam_bar_buffer[i] = '\0';
|
|
spam_bar = spam_bar_buffer;
|
|
@@ -397,12 +487,12 @@
|
|
|
|
/* compare threshold against score */
|
|
if (spamd_score >= spamd_threshold) {
|
|
- /* spam as determined by user's threshold */
|
|
- spam_rc = OK;
|
|
+ /* spam as determined by user's threshold */
|
|
+ spam_rc = OK;
|
|
}
|
|
else {
|
|
- /* not spam */
|
|
- spam_rc = FAIL;
|
|
+ /* not spam */
|
|
+ spam_rc = FAIL;
|
|
};
|
|
|
|
/* remember user name and "been here" for it unless spamd_socket was expanded */
|
|
diff -ru exim-4.70.orig/src/spam.h exim-4.70/src/spam.h
|
|
--- exim-4.70.orig/src/spam.h 2016-04-09 13:42:00.235625076 +0200
|
|
+++ exim-4.70/src/spam.h 2016-04-09 13:42:37.187633096 +0200
|
|
@@ -24,7 +24,8 @@
|
|
|
|
typedef struct spamd_address_container {
|
|
uschar tcp_addr[24];
|
|
- unsigned int tcp_port;
|
|
+ unsigned short int tcp_port;
|
|
+ int is_rspamd:1;
|
|
} spamd_address_container;
|
|
|
|
#endif
|